I’ve long had the opinion that web application firewalls (WAF) are one of those security technologies that every business should deploy. For a hacker, breaching an organization through a state of the art, next generation firewall is quite a difficult task. It’s much easier to go after naïve users by directing attacks through a web application. The best way to combat these threats is with a WAF. Given the rise of web related attacks like SQL injection and session hijacking, it would stand to reason every business would deploy one.